- Working directly with the Level 3 / CERT to look for artifacts and IOCs on SIEM solutions and other applications;
- Hunting for hygiene issues, threats and advanced threats provided by the Threat Intelligence Team;
- Configuring endpoint tools (EDR) to implement IOCs in order to launch hunting queries;
- Running Network Discovery Mapping to find anomalies on networks;
- Assisting experts during configuration for deceptive security solutions and technologies;
- Working with use case factory to develop new signatures;
- Working with experts in implementing new signatures;
- Deep information security expertise.
- Excellent knowledge of one of the SIEM products: QRadar, ELK, Splunk.
- Working knowledge of EDR solutions such as Carbon Black, Endgame, etc.
- Threat Hunting
- Threat Intelligence
- Threat Analysis